@rio.js/enterprise 1.4.0

package/dist/db-schema.final-DWleoQm0.mjs

@@ -0,0 +1,785 @@
+import { $ as teamRole, A as oauthAccessTokenRelations, B as organizationRoleRelations, C as memberAssetRoleRelations, D as memberTeamRole, E as memberRelations, F as object, G as schemaDefinition, H as platformRole, I as objectRelations, J as sessionRelations, K as schemaDefinitionRelations, L as organization, M as oauthApplicationRelations, N as oauthConsent, O as memberTeamRoleRelations, P as oauthConsentRelations, Q as teamRelations, R as organizationRelations, S as memberAssetRole, T as memberOrganizationRoleRelations, U as relationship, V as person, W as relationshipRelations, X as teamMember, Y as team, Z as teamMemberRelations, _ as assetType, a as agent, at as verification, b as invitationRelations, c as apikeyRelations, d as assetRole, et as teamRoleRelations, f as assetRoleRelations, g as assetShareRelations, h as assetShareLinkRelations, i as accountRelations, it as userRelations, j as oauthApplication, k as oauthAccessToken, l as asset, m as assetShareLink, nt as twoFactorRelations, o as agentRelations, ot as enterpriseSchema, p as assetShare, q as session, r as account, rt as user, s as apikey, st as __export, tt as twoFactor, u as assetRelations, v as assetTypeRelations, w as memberOrganizationRole, x as member, y as invitation, z as organizationRole } from "./db-BVXTgOd3.mjs";
+import { c as generateId, f as createHash, h as hashPassword, n as getAuthTables, p as createRandomStringGenerator, q as runWithAdapter, v as verifyPassword } from "./json-oFuWgANh-O1U6k3bL.mjs";
+import { a as getBooleanEnvVar, f as logger, g as BetterAuthError, h as BASE_ERROR_CODES, i as env, l as isProduction, r as createLogger, s as getEnvVar, t as ENV, u as isTest } from "./env-DwlNAN_D-C1zHd0cf-Cdlw8sNp.mjs";
+import { H as base64 } from "./verify-CN5Qc0e-.mjs";
+import { z as socialProviders } from "./social-providers-DNfE9Ak7-Be5zMAEe.mjs";
+import { N as createGraphAdapter, _t as createInternalAdapter, at as checkEndpointConflicts, ct as defu, lt as createCookieGetter, nt as checkPassword, ot as getEndpoints, st as router, ut as getCookies, vt as getAdapter, yt as getMigrations } from "./plugins-BNFht2HW.mjs";
+import { n as getKyselyDatabaseType } from "./dialect-C6_pK3V9-CPJHWkYR.mjs";
+import { t as betterFetch } from "./dist-CygcgJYk.mjs";
+import { a as getOrigin, r as getBaseURL } from "./parser-bL7W2mQ0-YdTgjtji.mjs";
+
+//#region ../better-auth/dist/base-B1roRIPC.mjs
+function getTelemetryAuthConfig(options, context) {
+	return {
+		database: context?.database,
+		adapter: context?.adapter,
+		emailVerification: {
+			sendVerificationEmail: !!options.emailVerification?.sendVerificationEmail,
+			sendOnSignUp: !!options.emailVerification?.sendOnSignUp,
+			sendOnSignIn: !!options.emailVerification?.sendOnSignIn,
+			autoSignInAfterVerification: !!options.emailVerification?.autoSignInAfterVerification,
+			expiresIn: options.emailVerification?.expiresIn,
+			onEmailVerification: !!options.emailVerification?.onEmailVerification,
+			afterEmailVerification: !!options.emailVerification?.afterEmailVerification
+		},
+		emailAndPassword: {
+			enabled: !!options.emailAndPassword?.enabled,
+			disableSignUp: !!options.emailAndPassword?.disableSignUp,
+			requireEmailVerification: !!options.emailAndPassword?.requireEmailVerification,
+			maxPasswordLength: options.emailAndPassword?.maxPasswordLength,
+			minPasswordLength: options.emailAndPassword?.minPasswordLength,
+			sendResetPassword: !!options.emailAndPassword?.sendResetPassword,
+			resetPasswordTokenExpiresIn: options.emailAndPassword?.resetPasswordTokenExpiresIn,
+			onPasswordReset: !!options.emailAndPassword?.onPasswordReset,
+			password: {
+				hash: !!options.emailAndPassword?.password?.hash,
+				verify: !!options.emailAndPassword?.password?.verify
+			},
+			autoSignIn: !!options.emailAndPassword?.autoSignIn,
+			revokeSessionsOnPasswordReset: !!options.emailAndPassword?.revokeSessionsOnPasswordReset
+		},
+		socialProviders: Object.keys(options.socialProviders || {}).map((p) => {
+			const provider = options.socialProviders?.[p];
+			if (!provider) return {};
+			return {
+				id: p,
+				mapProfileToUser: !!provider.mapProfileToUser,
+				disableDefaultScope: !!provider.disableDefaultScope,
+				disableIdTokenSignIn: !!provider.disableIdTokenSignIn,
+				disableImplicitSignUp: provider.disableImplicitSignUp,
+				disableSignUp: provider.disableSignUp,
+				getUserInfo: !!provider.getUserInfo,
+				overrideUserInfoOnSignIn: !!provider.overrideUserInfoOnSignIn,
+				prompt: provider.prompt,
+				verifyIdToken: !!provider.verifyIdToken,
+				scope: provider.scope,
+				refreshAccessToken: !!provider.refreshAccessToken
+			};
+		}),
+		plugins: options.plugins?.map((p) => p.id.toString()),
+		user: {
+			modelName: options.user?.modelName,
+			fields: options.user?.fields,
+			additionalFields: options.user?.additionalFields,
+			changeEmail: {
+				enabled: options.user?.changeEmail?.enabled,
+				sendChangeEmailVerification: !!options.user?.changeEmail?.sendChangeEmailVerification
+			}
+		},
+		verification: {
+			modelName: options.verification?.modelName,
+			disableCleanup: options.verification?.disableCleanup,
+			fields: options.verification?.fields
+		},
+		session: {
+			modelName: options.session?.modelName,
+			additionalFields: options.session?.additionalFields,
+			cookieCache: {
+				enabled: options.session?.cookieCache?.enabled,
+				maxAge: options.session?.cookieCache?.maxAge,
+				strategy: options.session?.cookieCache?.strategy
+			},
+			disableSessionRefresh: options.session?.disableSessionRefresh,
+			expiresIn: options.session?.expiresIn,
+			fields: options.session?.fields,
+			freshAge: options.session?.freshAge,
+			preserveSessionInDatabase: options.session?.preserveSessionInDatabase,
+			storeSessionInDatabase: options.session?.storeSessionInDatabase,
+			updateAge: options.session?.updateAge
+		},
+		account: {
+			modelName: options.account?.modelName,
+			fields: options.account?.fields,
+			encryptOAuthTokens: options.account?.encryptOAuthTokens,
+			updateAccountOnSignIn: options.account?.updateAccountOnSignIn,
+			accountLinking: {
+				enabled: options.account?.accountLinking?.enabled,
+				trustedProviders: options.account?.accountLinking?.trustedProviders,
+				updateUserInfoOnLink: options.account?.accountLinking?.updateUserInfoOnLink,
+				allowUnlinkingAll: options.account?.accountLinking?.allowUnlinkingAll
+			}
+		},
+		hooks: {
+			after: !!options.hooks?.after,
+			before: !!options.hooks?.before
+		},
+		secondaryStorage: !!options.secondaryStorage,
+		advanced: {
+			cookiePrefix: !!options.advanced?.cookiePrefix,
+			cookies: !!options.advanced?.cookies,
+			crossSubDomainCookies: {
+				domain: !!options.advanced?.crossSubDomainCookies?.domain,
+				enabled: options.advanced?.crossSubDomainCookies?.enabled,
+				additionalCookies: options.advanced?.crossSubDomainCookies?.additionalCookies
+			},
+			database: {
+				useNumberId: !!options.advanced?.database?.useNumberId || options.advanced?.database?.generateId === "serial",
+				generateId: options.advanced?.database?.generateId,
+				defaultFindManyLimit: options.advanced?.database?.defaultFindManyLimit
+			},
+			useSecureCookies: options.advanced?.useSecureCookies,
+			ipAddress: {
+				disableIpTracking: options.advanced?.ipAddress?.disableIpTracking,
+				ipAddressHeaders: options.advanced?.ipAddress?.ipAddressHeaders
+			},
+			disableCSRFCheck: options.advanced?.disableCSRFCheck,
+			cookieAttributes: {
+				expires: options.advanced?.defaultCookieAttributes?.expires,
+				secure: options.advanced?.defaultCookieAttributes?.secure,
+				sameSite: options.advanced?.defaultCookieAttributes?.sameSite,
+				domain: !!options.advanced?.defaultCookieAttributes?.domain,
+				path: options.advanced?.defaultCookieAttributes?.path,
+				httpOnly: options.advanced?.defaultCookieAttributes?.httpOnly
+			}
+		},
+		trustedOrigins: options.trustedOrigins?.length,
+		rateLimit: {
+			storage: options.rateLimit?.storage,
+			modelName: options.rateLimit?.modelName,
+			window: options.rateLimit?.window,
+			customStorage: !!options.rateLimit?.customStorage,
+			enabled: options.rateLimit?.enabled,
+			max: options.rateLimit?.max
+		},
+		onAPIError: {
+			errorURL: options.onAPIError?.errorURL,
+			onError: !!options.onAPIError?.onError,
+			throw: options.onAPIError?.throw
+		},
+		logger: {
+			disabled: options.logger?.disabled,
+			level: options.logger?.level,
+			log: !!options.logger?.log
+		},
+		databaseHooks: {
+			user: {
+				create: {
+					after: !!options.databaseHooks?.user?.create?.after,
+					before: !!options.databaseHooks?.user?.create?.before
+				},
+				update: {
+					after: !!options.databaseHooks?.user?.update?.after,
+					before: !!options.databaseHooks?.user?.update?.before
+				}
+			},
+			session: {
+				create: {
+					after: !!options.databaseHooks?.session?.create?.after,
+					before: !!options.databaseHooks?.session?.create?.before
+				},
+				update: {
+					after: !!options.databaseHooks?.session?.update?.after,
+					before: !!options.databaseHooks?.session?.update?.before
+				}
+			},
+			account: {
+				create: {
+					after: !!options.databaseHooks?.account?.create?.after,
+					before: !!options.databaseHooks?.account?.create?.before
+				},
+				update: {
+					after: !!options.databaseHooks?.account?.update?.after,
+					before: !!options.databaseHooks?.account?.update?.before
+				}
+			},
+			verification: {
+				create: {
+					after: !!options.databaseHooks?.verification?.create?.after,
+					before: !!options.databaseHooks?.verification?.create?.before
+				},
+				update: {
+					after: !!options.databaseHooks?.verification?.update?.after,
+					before: !!options.databaseHooks?.verification?.update?.before
+				}
+			}
+		}
+	};
+}
+let packageJSONCache;
+async function readRootPackageJson() {
+	if (packageJSONCache) return packageJSONCache;
+	try {
+		const cwd = typeof process !== "undefined" && typeof process.cwd === "function" ? process.cwd() : "";
+		if (!cwd) return void 0;
+		const importRuntime$1 = (m) => Function("mm", "return import(mm)")(m);
+		const [{ default: fs }, { default: path }] = await Promise.all([importRuntime$1("fs/promises"), importRuntime$1("path")]);
+		const raw = await fs.readFile(path.join(cwd, "package.json"), "utf-8");
+		packageJSONCache = JSON.parse(raw);
+		return packageJSONCache;
+	} catch {}
+}
+async function getPackageVersion(pkg) {
+	if (packageJSONCache) return packageJSONCache.dependencies?.[pkg] || packageJSONCache.devDependencies?.[pkg] || packageJSONCache.peerDependencies?.[pkg];
+	try {
+		const cwd = typeof process !== "undefined" && typeof process.cwd === "function" ? process.cwd() : "";
+		if (!cwd) throw new Error("no-cwd");
+		const importRuntime$1 = (m) => Function("mm", "return import(mm)")(m);
+		const [{ default: fs }, { default: path }] = await Promise.all([importRuntime$1("fs/promises"), importRuntime$1("path")]);
+		const pkgJsonPath = path.join(cwd, "node_modules", pkg, "package.json");
+		const raw = await fs.readFile(pkgJsonPath, "utf-8");
+		return JSON.parse(raw).version || await getVersionFromLocalPackageJson(pkg) || void 0;
+	} catch {}
+	return await getVersionFromLocalPackageJson(pkg);
+}
+async function getVersionFromLocalPackageJson(pkg) {
+	const json = await readRootPackageJson();
+	if (!json) return void 0;
+	return {
+		...json.dependencies,
+		...json.devDependencies,
+		...json.peerDependencies
+	}[pkg];
+}
+async function getNameFromLocalPackageJson() {
+	return (await readRootPackageJson())?.name;
+}
+const DATABASES = {
+	pg: "postgresql",
+	mysql: "mysql",
+	mariadb: "mariadb",
+	sqlite3: "sqlite",
+	"better-sqlite3": "sqlite",
+	"@prisma/client": "prisma",
+	mongoose: "mongodb",
+	mongodb: "mongodb",
+	"drizzle-orm": "drizzle"
+};
+async function detectDatabase() {
+	for (const [pkg, name] of Object.entries(DATABASES)) {
+		const version = await getPackageVersion(pkg);
+		if (version) return {
+			name,
+			version
+		};
+	}
+}
+const FRAMEWORKS = {
+	next: "next",
+	nuxt: "nuxt",
+	"@remix-run/server-runtime": "remix",
+	astro: "astro",
+	"@sveltejs/kit": "sveltekit",
+	"solid-start": "solid-start",
+	"tanstack-start": "tanstack-start",
+	hono: "hono",
+	express: "express",
+	elysia: "elysia",
+	expo: "expo"
+};
+async function detectFramework() {
+	for (const [pkg, name] of Object.entries(FRAMEWORKS)) {
+		const version = await getPackageVersion(pkg);
+		if (version) return {
+			name,
+			version
+		};
+	}
+}
+function detectPackageManager() {
+	const userAgent = env.npm_config_user_agent;
+	if (!userAgent) return;
+	const pmSpec = userAgent.split(" ")[0];
+	const separatorPos = pmSpec.lastIndexOf("/");
+	const name = pmSpec.substring(0, separatorPos);
+	return {
+		name: name === "npminstall" ? "cnpm" : name,
+		version: pmSpec.substring(separatorPos + 1)
+	};
+}
+const importRuntime = (m) => {
+	return Function("mm", "return import(mm)")(m);
+};
+function getVendor() {
+	const hasAny = (...keys) => keys.some((k) => Boolean(env[k]));
+	if (hasAny("CF_PAGES", "CF_PAGES_URL", "CF_ACCOUNT_ID") || typeof navigator !== "undefined" && navigator.userAgent === "Cloudflare-Workers") return "cloudflare";
+	if (hasAny("VERCEL", "VERCEL_URL", "VERCEL_ENV")) return "vercel";
+	if (hasAny("NETLIFY", "NETLIFY_URL")) return "netlify";
+	if (hasAny("RENDER", "RENDER_URL", "RENDER_INTERNAL_HOSTNAME", "RENDER_SERVICE_ID")) return "render";
+	if (hasAny("AWS_LAMBDA_FUNCTION_NAME", "AWS_EXECUTION_ENV", "LAMBDA_TASK_ROOT")) return "aws";
+	if (hasAny("GOOGLE_CLOUD_FUNCTION_NAME", "GOOGLE_CLOUD_PROJECT", "GCP_PROJECT", "K_SERVICE")) return "gcp";
+	if (hasAny("AZURE_FUNCTION_NAME", "FUNCTIONS_WORKER_RUNTIME", "WEBSITE_INSTANCE_ID", "WEBSITE_SITE_NAME")) return "azure";
+	if (hasAny("DENO_DEPLOYMENT_ID", "DENO_REGION")) return "deno-deploy";
+	if (hasAny("FLY_APP_NAME", "FLY_REGION", "FLY_ALLOC_ID")) return "fly-io";
+	if (hasAny("RAILWAY_STATIC_URL", "RAILWAY_ENVIRONMENT_NAME")) return "railway";
+	if (hasAny("DYNO", "HEROKU_APP_NAME")) return "heroku";
+	if (hasAny("DO_DEPLOYMENT_ID", "DO_APP_NAME", "DIGITALOCEAN")) return "digitalocean";
+	if (hasAny("KOYEB", "KOYEB_DEPLOYMENT_ID", "KOYEB_APP_NAME")) return "koyeb";
+	return null;
+}
+async function detectSystemInfo() {
+	try {
+		if (getVendor() === "cloudflare") return "cloudflare";
+		const os = await importRuntime("os");
+		const cpus = os.cpus();
+		return {
+			deploymentVendor: getVendor(),
+			systemPlatform: os.platform(),
+			systemRelease: os.release(),
+			systemArchitecture: os.arch(),
+			cpuCount: cpus.length,
+			cpuModel: cpus.length ? cpus[0].model : null,
+			cpuSpeed: cpus.length ? cpus[0].speed : null,
+			memory: os.totalmem(),
+			isWSL: await isWsl(),
+			isDocker: await isDocker(),
+			isTTY: typeof process !== "undefined" && process.stdout ? process.stdout.isTTY : null
+		};
+	} catch (e) {
+		return {
+			systemPlatform: null,
+			systemRelease: null,
+			systemArchitecture: null,
+			cpuCount: null,
+			cpuModel: null,
+			cpuSpeed: null,
+			memory: null,
+			isWSL: null,
+			isDocker: null,
+			isTTY: null
+		};
+	}
+}
+let isDockerCached;
+async function hasDockerEnv() {
+	if (getVendor() === "cloudflare") return false;
+	try {
+		(await importRuntime("fs")).statSync("/.dockerenv");
+		return true;
+	} catch {
+		return false;
+	}
+}
+async function hasDockerCGroup() {
+	if (getVendor() === "cloudflare") return false;
+	try {
+		return (await importRuntime("fs")).readFileSync("/proc/self/cgroup", "utf8").includes("docker");
+	} catch {
+		return false;
+	}
+}
+async function isDocker() {
+	if (getVendor() === "cloudflare") return false;
+	if (isDockerCached === void 0) isDockerCached = await hasDockerEnv() || await hasDockerCGroup();
+	return isDockerCached;
+}
+async function isWsl() {
+	try {
+		if (getVendor() === "cloudflare") return false;
+		if (typeof process === "undefined" || process?.platform !== "linux") return false;
+		const fs = await importRuntime("fs");
+		if ((await importRuntime("os")).release().toLowerCase().includes("microsoft")) {
+			if (await isInsideContainer()) return false;
+			return true;
+		}
+		return fs.readFileSync("/proc/version", "utf8").toLowerCase().includes("microsoft") ? !await isInsideContainer() : false;
+	} catch {
+		return false;
+	}
+}
+let isInsideContainerCached;
+const hasContainerEnv = async () => {
+	if (getVendor() === "cloudflare") return false;
+	try {
+		(await importRuntime("fs")).statSync("/run/.containerenv");
+		return true;
+	} catch {
+		return false;
+	}
+};
+async function isInsideContainer() {
+	if (isInsideContainerCached === void 0) isInsideContainerCached = await hasContainerEnv() || await isDocker();
+	return isInsideContainerCached;
+}
+function isCI() {
+	return env.CI !== "false" && ("BUILD_ID" in env || "BUILD_NUMBER" in env || "CI" in env || "CI_APP_ID" in env || "CI_BUILD_ID" in env || "CI_BUILD_NUMBER" in env || "CI_NAME" in env || "CONTINUOUS_INTEGRATION" in env || "RUN_ID" in env);
+}
+function detectRuntime() {
+	if (typeof Deno !== "undefined") return {
+		name: "deno",
+		version: Deno?.version?.deno ?? null
+	};
+	if (typeof Bun !== "undefined") return {
+		name: "bun",
+		version: Bun?.version ?? null
+	};
+	if (typeof process !== "undefined" && process?.versions?.node) return {
+		name: "node",
+		version: process.versions.node ?? null
+	};
+	return {
+		name: "edge",
+		version: null
+	};
+}
+function detectEnvironment() {
+	return getEnvVar("NODE_ENV") === "production" ? "production" : isCI() ? "ci" : isTest() ? "test" : "development";
+}
+async function hashToBase64(data) {
+	const buffer = await createHash("SHA-256").digest(data);
+	return base64.encode(buffer);
+}
+const generateId$1 = (size) => {
+	return createRandomStringGenerator("a-z", "A-Z", "0-9")(size || 32);
+};
+let projectIdCached = null;
+async function getProjectId(baseUrl) {
+	if (projectIdCached) return projectIdCached;
+	const projectName = await getNameFromLocalPackageJson();
+	if (projectName) {
+		projectIdCached = await hashToBase64(baseUrl ? baseUrl + projectName : projectName);
+		return projectIdCached;
+	}
+	if (baseUrl) {
+		projectIdCached = await hashToBase64(baseUrl);
+		return projectIdCached;
+	}
+	projectIdCached = generateId$1(32);
+	return projectIdCached;
+}
+async function createTelemetry(options, context) {
+	const debugEnabled = options.telemetry?.debug || getBooleanEnvVar("BETTER_AUTH_TELEMETRY_DEBUG", false);
+	const TELEMETRY_ENDPOINT = ENV.BETTER_AUTH_TELEMETRY_ENDPOINT;
+	const track = async (event) => {
+		if (context?.customTrack) await context.customTrack(event).catch(logger.error);
+		else if (debugEnabled) logger.info("telemetry event", JSON.stringify(event, null, 2));
+		else await betterFetch(TELEMETRY_ENDPOINT, {
+			method: "POST",
+			body: event
+		}).catch(logger.error);
+	};
+	const isEnabled = async () => {
+		const telemetryEnabled = options.telemetry?.enabled !== void 0 ? options.telemetry.enabled : false;
+		return (getBooleanEnvVar("BETTER_AUTH_TELEMETRY", false) || telemetryEnabled) && (context?.skipTestCheck || !isTest());
+	};
+	const enabled = await isEnabled();
+	let anonymousId;
+	if (enabled) {
+		anonymousId = await getProjectId(options.baseURL);
+		track({
+			type: "init",
+			payload: {
+				config: getTelemetryAuthConfig(options, context),
+				runtime: detectRuntime(),
+				database: await detectDatabase(),
+				framework: await detectFramework(),
+				environment: detectEnvironment(),
+				systemInfo: await detectSystemInfo(),
+				packageManager: detectPackageManager()
+			},
+			anonymousId
+		});
+	}
+	return { publish: async (event) => {
+		if (!enabled) return;
+		if (!anonymousId) anonymousId = await getProjectId(options.baseURL);
+		await track({
+			type: event.type,
+			payload: event.payload,
+			anonymousId
+		});
+	} };
+}
+const DEFAULT_SECRET = "better-auth-secret-123456789";
+function isPromise(obj) {
+	return !!obj && (typeof obj === "object" || typeof obj === "function") && typeof obj.then === "function";
+}
+async function runPluginInit(ctx) {
+	let options = ctx.options;
+	const plugins = options.plugins || [];
+	let context = ctx;
+	const dbHooks = [];
+	for (const plugin of plugins) if (plugin.init) {
+		let initPromise = plugin.init(context);
+		let result;
+		if (isPromise(initPromise)) result = await initPromise;
+		else result = initPromise;
+		if (typeof result === "object") {
+			if (result.options) {
+				const { databaseHooks, ...restOpts } = result.options;
+				if (databaseHooks) dbHooks.push(databaseHooks);
+				options = defu(options, restOpts);
+			}
+			if (result.context) context = {
+				...context,
+				...result.context
+			};
+		}
+	}
+	dbHooks.push(options.databaseHooks);
+	context.internalAdapter = createInternalAdapter(context.adapter, {
+		options,
+		logger: context.logger,
+		hooks: dbHooks.filter((u) => u !== void 0),
+		generateId: context.generateId,
+		graphAdapter: context.graphAdapter
+	});
+	context.options = options;
+	return { context };
+}
+function getInternalPlugins(options) {
+	const plugins = [];
+	if (options.advanced?.crossSubDomainCookies?.enabled) {}
+	return plugins;
+}
+function getTrustedOrigins(options) {
+	const baseURL = getBaseURL(options.baseURL, options.basePath);
+	if (!baseURL) return [];
+	const trustedOrigins = [new URL(baseURL).origin];
+	if (options.trustedOrigins && Array.isArray(options.trustedOrigins)) trustedOrigins.push(...options.trustedOrigins);
+	const envTrustedOrigins = env.BETTER_AUTH_TRUSTED_ORIGINS;
+	if (envTrustedOrigins) trustedOrigins.push(...envTrustedOrigins.split(","));
+	if (trustedOrigins.filter((x) => !x).length) throw new BetterAuthError("A provided trusted origin is invalid, make sure your trusted origins list is properly defined.");
+	return trustedOrigins;
+}
+async function createAuthContext(adapter, options, getDatabaseType) {
+	if (!options.database) options = defu(options, {
+		session: { cookieCache: {
+			enabled: true,
+			strategy: "jwe",
+			refreshCache: true
+		} },
+		account: {
+			storeStateStrategy: "cookie",
+			storeAccountCookie: true
+		}
+	});
+	const plugins = options.plugins || [];
+	const internalPlugins = getInternalPlugins(options);
+	const logger$1 = createLogger(options.logger);
+	const baseURL = getBaseURL(options.baseURL, options.basePath);
+	const secret = options.secret || env.BETTER_AUTH_SECRET || env.AUTH_SECRET || DEFAULT_SECRET;
+	if (secret === DEFAULT_SECRET) {
+		if (isProduction) logger$1.error("You are using the default secret. Please set `BETTER_AUTH_SECRET` in your environment variables or pass `secret` in your auth config.");
+	}
+	options = {
+		...options,
+		secret,
+		baseURL: baseURL ? new URL(baseURL).origin : "",
+		basePath: options.basePath || "/api/auth",
+		plugins: plugins.concat(internalPlugins)
+	};
+	checkEndpointConflicts(options, logger$1);
+	const cookies = getCookies(options);
+	const tables = getAuthTables(options);
+	const providers = Object.entries(options.socialProviders || {}).map(([key, config]) => {
+		if (config == null) return null;
+		if (config.enabled === false) return null;
+		if (!config.clientId) logger$1.warn(`Social provider ${key} is missing clientId or clientSecret`);
+		const provider = socialProviders[key](config);
+		provider.disableImplicitSignUp = config.disableImplicitSignUp;
+		return provider;
+	}).filter((x) => x !== null);
+	const generateIdFunc = ({ model, size }) => {
+		if (typeof options.advanced?.generateId === "function") return options.advanced.generateId({
+			model,
+			size
+		});
+		if (typeof options?.advanced?.database?.generateId === "function") return options.advanced.database.generateId({
+			model,
+			size
+		});
+		return generateId(size);
+	};
+	const { publish } = await createTelemetry(options, {
+		adapter: adapter.id,
+		database: typeof options.database === "function" ? "adapter" : getDatabaseType(options.database)
+	});
+	const graphAdapter = createGraphAdapter(adapter, options);
+	const initOrPromise = runPluginInit({
+		appName: options.appName || "Better Auth",
+		socialProviders: providers,
+		options,
+		oauthConfig: {
+			storeStateStrategy: options.account?.storeStateStrategy || "database",
+			skipStateCookieCheck: !!options.account?.skipStateCookieCheck
+		},
+		tables,
+		trustedOrigins: getTrustedOrigins(options),
+		baseURL: baseURL || "",
+		sessionConfig: {
+			updateAge: options.session?.updateAge !== void 0 ? options.session.updateAge : 1440 * 60,
+			expiresIn: options.session?.expiresIn || 3600 * 24 * 7,
+			freshAge: options.session?.freshAge === void 0 ? 3600 * 24 : options.session.freshAge,
+			cookieRefreshCache: (() => {
+				const refreshCache = options.session?.cookieCache?.refreshCache;
+				const maxAge = options.session?.cookieCache?.maxAge || 300;
+				if (refreshCache === false || refreshCache === void 0) return false;
+				if (refreshCache === true) return {
+					enabled: true,
+					updateAge: Math.floor(maxAge * .2)
+				};
+				return {
+					enabled: true,
+					updateAge: refreshCache.updateAge !== void 0 ? refreshCache.updateAge : Math.floor(maxAge * .2)
+				};
+			})()
+		},
+		secret,
+		rateLimit: {
+			...options.rateLimit,
+			enabled: options.rateLimit?.enabled ?? isProduction,
+			window: options.rateLimit?.window || 10,
+			max: options.rateLimit?.max || 100,
+			storage: options.rateLimit?.storage || (options.secondaryStorage ? "secondary-storage" : "memory")
+		},
+		authCookies: cookies,
+		logger: logger$1,
+		generateId: generateIdFunc,
+		session: null,
+		secondaryStorage: options.secondaryStorage,
+		password: {
+			hash: options.emailAndPassword?.password?.hash || hashPassword,
+			verify: options.emailAndPassword?.password?.verify || verifyPassword,
+			config: {
+				minPasswordLength: options.emailAndPassword?.minPasswordLength || 8,
+				maxPasswordLength: options.emailAndPassword?.maxPasswordLength || 128
+			},
+			checkPassword
+		},
+		setNewSession(session$1) {
+			this.newSession = session$1;
+		},
+		newSession: null,
+		adapter,
+		internalAdapter: createInternalAdapter(adapter, {
+			options,
+			logger: logger$1,
+			hooks: options.databaseHooks ? [options.databaseHooks] : [],
+			generateId: generateIdFunc,
+			graphAdapter
+		}),
+		graphAdapter,
+		createAuthCookie: createCookieGetter(options),
+		async runMigrations() {
+			throw new BetterAuthError("runMigrations will be set by the specific init implementation");
+		},
+		publishTelemetry: publish,
+		skipCSRFCheck: !!options.advanced?.disableCSRFCheck,
+		skipOriginCheck: options.advanced?.disableOriginCheck !== void 0 ? options.advanced.disableOriginCheck : isTest() ? true : false
+	});
+	let context;
+	if (isPromise(initOrPromise)) ({context} = await initOrPromise);
+	else ({context} = initOrPromise);
+	return context;
+}
+const createBetterAuth = (options, initFn) => {
+	const authContext = initFn(options);
+	const { api } = getEndpoints(authContext, options);
+	return {
+		handler: async (request) => {
+			const ctx = await authContext;
+			const basePath = ctx.options.basePath || "/api/auth";
+			if (!ctx.options.baseURL) {
+				const baseURL = getBaseURL(void 0, basePath, request);
+				if (baseURL) {
+					ctx.baseURL = baseURL;
+					ctx.options.baseURL = getOrigin(ctx.baseURL) || void 0;
+				} else throw new BetterAuthError("Could not get base URL from request. Please provide a valid base URL.");
+			}
+			ctx.trustedOrigins = [...options.trustedOrigins ? Array.isArray(options.trustedOrigins) ? options.trustedOrigins : await options.trustedOrigins(request) : [], ctx.options.baseURL];
+			const { handler } = router(ctx, options);
+			return runWithAdapter(ctx.adapter, () => handler(request));
+		},
+		api,
+		options,
+		$context: authContext,
+		$ERROR_CODES: {
+			...options.plugins?.reduce((acc, plugin) => {
+				if (plugin.$ERROR_CODES) return {
+					...acc,
+					...plugin.$ERROR_CODES
+				};
+				return acc;
+			}, {}),
+			...BASE_ERROR_CODES
+		}
+	};
+};
+
+//#endregion
+//#region ../better-auth/dist/auth-CLjxs1D8.mjs
+const init = async (options) => {
+	const adapter = await getAdapter(options);
+	const getDatabaseType = (database) => getKyselyDatabaseType(database) || "unknown";
+	const ctx = await createAuthContext(adapter, options, getDatabaseType);
+	ctx.runMigrations = async function() {
+		if (!options.database || "updateMany" in options.database) throw new BetterAuthError("Database is not provided or it's an adapter. Migrations are only supported with a database instance.");
+		const { runMigrations } = await getMigrations(options);
+		await runMigrations();
+	};
+	return ctx;
+};
+/**
+* Better Auth initializer for full mode (with Kysely)
+*
+* Check `minimal.ts` for minimal mode (without Kysely)
+*/
+const betterAuth = (options) => {
+	return createBetterAuth(options, init);
+};
+
+//#endregion
+//#region src/db-schema.final.ts
+var db_schema_final_exports = /* @__PURE__ */ __export({
+	account: () => account,
+	accountRelations: () => accountRelations,
+	agent: () => agent,
+	agentRelations: () => agentRelations,
+	apikey: () => apikey,
+	apikeyRelations: () => apikeyRelations,
+	asset: () => asset,
+	assetRelations: () => assetRelations,
+	assetRole: () => assetRole,
+	assetRoleRelations: () => assetRoleRelations,
+	assetShare: () => assetShare,
+	assetShareLink: () => assetShareLink,
+	assetShareLinkRelations: () => assetShareLinkRelations,
+	assetShareRelations: () => assetShareRelations,
+	assetType: () => assetType,
+	assetTypeRelations: () => assetTypeRelations,
+	enterpriseSchema: () => enterpriseSchema,
+	invitation: () => invitation,
+	invitationRelations: () => invitationRelations,
+	member: () => member,
+	memberAssetRole: () => memberAssetRole,
+	memberAssetRoleRelations: () => memberAssetRoleRelations,
+	memberOrganizationRole: () => memberOrganizationRole,
+	memberOrganizationRoleRelations: () => memberOrganizationRoleRelations,
+	memberRelations: () => memberRelations,
+	memberTeamRole: () => memberTeamRole,
+	memberTeamRoleRelations: () => memberTeamRoleRelations,
+	oauthAccessToken: () => oauthAccessToken,
+	oauthAccessTokenRelations: () => oauthAccessTokenRelations,
+	oauthApplication: () => oauthApplication,
+	oauthApplicationRelations: () => oauthApplicationRelations,
+	oauthConsent: () => oauthConsent,
+	oauthConsentRelations: () => oauthConsentRelations,
+	object: () => object,
+	objectRelations: () => objectRelations,
+	organization: () => organization,
+	organizationRelations: () => organizationRelations,
+	organizationRole: () => organizationRole,
+	organizationRoleRelations: () => organizationRoleRelations,
+	person: () => person,
+	platformRole: () => platformRole,
+	relationship: () => relationship,
+	relationshipRelations: () => relationshipRelations,
+	schemaDefinition: () => schemaDefinition,
+	schemaDefinitionRelations: () => schemaDefinitionRelations,
+	session: () => session,
+	sessionRelations: () => sessionRelations,
+	team: () => team,
+	teamMember: () => teamMember,
+	teamMemberRelations: () => teamMemberRelations,
+	teamRelations: () => teamRelations,
+	teamRole: () => teamRole,
+	teamRoleRelations: () => teamRoleRelations,
+	twoFactor: () => twoFactor,
+	twoFactorRelations: () => twoFactorRelations,
+	user: () => user,
+	userRelations: () => userRelations,
+	verification: () => verification
+});
+
+//#endregion
+export { getTelemetryAuthConfig as i, betterAuth as n, createTelemetry as r, db_schema_final_exports as t };